IDG News Service - HSBC Bank says a bug in its imaging software inadvertently exposed sensitive data about some of its customers going through bankruptcy proceedings.
In notification letters made public Thursday, the bank said it had redacted sensitive information in Chapter 13 bankruptcy proof-of-claim forms that were filed electronically, but that the information turned out to be viewable "as a result of the deficiency in the software used to save imaged documents."
An HSBC spokeswoman declined to elaborate on the cause of the problem, but said "a limited number of customers" were affected. HSBC has "no reason to believe customers' personal information may have been compromised," she added via e-mail. The company sent letters to affected customers in October and is offering them one year of free credit monitoring.
Some customers of the following HSBC companies are affected: HSBC Taxpayer Financial Services, Beneficial New Hampshire and Household Finance Corporation.
According to documents filed Thursday with the New Hampshire Attorney General's office, HSBC failed to completely redact information on forms that were filed between May 1, 2007, and Oct. 17, 2008. HSBC said it learned of the problem on July 9, 2009.
The data disclosed may have covered HSBC credit card, line-of-credit or mortgage information, the company said.
Legal documents are increasingly being filed online, causing some problems as company employees get used to the new formats. Information on paper copies can be redacted with a marker pen, but electronic redaction, if not done properly, can be reversed with a simple cut-and-paste.
Earlier this year, for example, the Associated Press was able to read redacted court testimony that showed Facebook's estimate of its own market value. The AP got its scoop by cutting and pasting the blacked-out sections of a court transcript.
The problem is large enough that two months ago the U.S. District Court for the District of New Jersey sent out guidelines explaining how to properly redact information.
"Electronically filing PDF'd documents is a relatively new process for lawyers," many of whom have only recently started using desktop computers, said Christina Frangiosa, counsel with the law firm Panitch Schwarze Belisario & Nadel.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts